Bug 1316680

Summary: mcstrans daemon segfaults when selinux_raw_context_to_color() uses incomplete context
Product: Red Hat Enterprise Linux 6 Reporter: Milos Malik <mmalik>
Component: mcstransAssignee: Petr Lautrbach <plautrba>
Status: CLOSED WONTFIX QA Contact: Milos Malik <mmalik>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.8CC: lvrabec, mgrepl, mmalik, plautrba
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1315996 Environment:
Last Closed: 2016-11-02 17:06:10 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Milos Malik 2016-03-10 18:31:00 UTC 
+++ This bug was initially created as a clone of Bug #1315996 +++

Description of problem:
mcstransd[30718]: segfault at 0 ip 00007f406bd2c301 sp 00007ffebebefdc8 error 4 in libc-2.12.so[7f406bcab000+18a000]
mcstransd[43443]: segfault at 0 ip 00007fd5663ac301 sp 00007ffc71b37e18 error 4 in libc-2.12.so[7fd56632b000+18a000]
mcstransd[46223]: segfault at 0 ip 00007f87a8307301 sp 00007fffb9135408 error 4 in libc-2.12.so[7f87a8286000+18a000]

Version-Release number of selected component (if applicable):
RHEL-6.8
libselinux-2.0.94-7.el6.x86_64
libselinux-devel-2.0.94-7.el6.x86_64
libselinux-python-2.0.94-7.el6.x86_64
libselinux-ruby-2.0.94-7.el6.x86_64
libselinux-utils-2.0.94-7.el6.x86_64
mcstrans-0.3.1-4.el6.x86_64

How reproducible:
always

Steps to Reproduce:
0) get a RHEL-6.8 machine with active targeted policy
1) use /etc/selinux/targeted/secolor.conf file with following content:
color black  = #000000
color green  = #008000
color yellow = #ffff00
color blue   = #0000ff
color white  = #ffffff
color red    = #ff0000
color orange = #ffa500
color tan    = #d2b48c
user unconfined_u = #ff0000 green
role unconfined_r = red #ffffff
type unconfined_t = red orange
user user_u       = black green
role user_r       = white black
type user_t       = tan red
user xguest_u     = black yellow
role xguest_r     = black red
type xguest_t     = black green
user sysadm_u     = white black
range s0:c0.c1023 = black white
user *            = black white
role *            = black white
type *            = black white
2) start mcstransd
3) run following command as common user or as root:
echo -en 'import selinux\nselinux.selinux_raw_context_to_color("user_u:user_r:")\n' | python
4) check the status of mcstrans daemon

Actual results:
 * it segfaulted

Expected results:
 * it's running
Comment 1 Petr Lautrbach 2016-11-02 17:06:10 UTC 
Red Hat Enterprise Linux version 6 is entering the Production 2 phase of its lifetime and this bug doesn't meet the criteria for it, i.e. only high severity issues will be fixed. Please see https://access.redhat.com/support/policy/updates/errata/ for further information.

This issue is being tracked in Red Hat Enterprise Linux version 7.